According to a report by Palo Alto Networks, Zoho, an enterprise software maker, was targeted by hackers, probably of Chinese origin, who exploited a vulnerability in its self-serve password management tool ManageEngine from the end of September to early October.

The US-based cyber security firm’s Unit 42 said the hackers exploited the known vulnerability to successfully invade at least nine international organizations in critical sectors like defense, healthcare, education, energy, and technology. It also mentioned that the attack began on 22 September till early October.

As per the PAN reports, the techniques and tools used to attack were similar to that of the Chinese hacking group Emissary Panda, though the information is not validated yet. It also said that it had detected over 11,000 servers running Godzilla Webshell, the malware that was used in the cyberattack.

The spokesperson of ManageEngine said, “We have addressed an authentication bypass vulnerability in ManageEngine’s ADSelfService Plus. The vulnerability affects REST API URLS and could result in Remote Code Execution. We released a patch and notified all our customers about the bug.”